This Concept Map, created with IHMC CmapTools, has information related to: Chapter 7 Types of Attacks.

Types of Threats and Attacks, Hijacking: A technique that takes advantage of weaknesses (trust relationships) in the TCP/IP protocol stack and in the way headers are constructed. Hijacking involves the use of tools that subvert the stack's header information. Someone might want to do this in order to spoof a fake message or send a payload inside the header field to the wrong port.

Types of Threats and Attacks, Sniffing: Can be detected in two ways: host-based and network-based. Software commands exist (cpm, or check promiscuous mode, in UNIX) that can run on individual host machines to tell whether the NIC is running in promiscuous mode. Network-based solutions check for the presence of running processes and log files, both of which sniffer programs consume a lot of. Sophisticated intruders hide their tracks by disguising the process and/or cleaning up the log files. The best countermeasure against sniffing is end-to-end, or user-to-user, encryption. Network administrators can help by closing SNMP (Simple Network Management Protocol) or community options.

Types of Threats and Attacks, Back Doors: Accounts left by manufacturers and vendors on devices that allow them to bypass a locked-out or clueless system administrator in case of emergency. Every network device comes shipped with more than one default username and password, and these built-in accounts offer administrative privileges to anyone who finds them. Examples of generic usernames and passwords are: Manager, security, admin, debug, monitor, and guest.

Types of Threats and Attacks, Sniffing: The interception of data packets traversing a network. A sniffer program works at the Ethernet layer in combination with network interface cards (NICs). If any Ethernet NICs are in promiscuous mode (easily done remotely via a sniffer program), the sniffer program will pick up any and all communication packets floating by anywhere near the Internet host site. A sniffer placed on any backbone device, inter-network link, or network aggregation point will be able to monitor a whole lot of traffic.